80.安心技术梳理 - 开发对敏感数据加密和解密操作工具，干货

最新推荐文章于 2021-02-13 15:42:31 发布

孜梓不倦

最新推荐文章于 2021-02-13 15:42:31 发布

阅读量401

点赞数

分类专栏：安心技术文章标签： java

本文链接：https://blog.csdn.net/majunzhu/article/details/106497977

版权

安心技术专栏收录该内容

102 篇文章 2 订阅

订阅专栏

本文介绍了使用Java实现敏感数据的三重DES加密和解密操作，包括加密工具类DecEncUtils、加盐工具类EncryptKeyConstant、加密接口Encryptor和解密接口Decryptor等，确保数据的安全性。

摘要由CSDN通过智能技术生成

对重要敏感数据进行统一加密和解密操作

1.实践类

import com.security.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class DecEncUtils {
private static final Logger logger = LoggerFactory.getLogger(DecEncUtils.class);
//加密
public static String buildEncrypt(String param, String salt) {
String encParam = null;
try {
Encryptor encryptor = new TripleDESEncryptor();
encParam = encryptor.encryptSafe(param, salt);
} catch (Exception e) {
logger.error("加密前param:{},加密后param:{}.加密param格式有误,加密失败", param, encParam, e);
}
return encParam;
}
//解密
public static String buildDecrypt(String encParam, String salt) {
String param = "";
try {
Decryptor decryptor = new TripleDESDecryptor();
param = decryptor.decryptSafe(encParam, salt);
} catch (Exception e) {
logger.error("解密前encParam:{},解密后param:{}.解密encParam格式有误,解密失败", encParam, param, e);
}
return param;
}
}

//工具类-加盐
public class EncryptKeyConstant {
public static final String CONSUME_COUPON = "CONSUME_COUPON";
public static final String ACT_KEY = "ACT_KEY";
}

//加密
public interface Encryptor {
String encrypt(String value, String key);
String encryptSafe(String value, String key);
}
import org.apache.commons.lang3.StringUtils;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class TripleDESEncryptor implements Encryptor {
private static final String ALGORITHM = "DESede";
@Override
public String encrypt(String value, String key) {
byte[] bytes = encryptMode(TripleDESKeyGenerator.generate(key), value.getBytes());
return BASE64.encode(bytes);
}
@Override
public String encryptSafe(String value, String key) {
byte[] bytes = encryptMode(TripleDESKeyGenerator.generate(key), value.getBytes());
return BASE64.encodeSafe(bytes);
}
public static byte[] encryptMode(byte[] keyBytes, byte[] src) {
try {
//生成密钥
SecretKey desKey = new SecretKeySpec(keyBytes, ALGORITHM);
//加密
Cipher c1 = Cipher.getInstance(ALGORITHM);
c1.init(Cipher.ENCRYPT_MODE, desKey);
return c1.doFinal(src);
} catch (Exception e1) {
e1.printStackTrace();
}
return null;
}
}
//解密
public interface Decryptor {
String decrypt(String value, String key);
String decryptSafe(String value, String key);
}
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class TripleDESDecryptor implements Decryptor {
private static final String ALGORITHM = "DESede";
@Override
public String decrypt(String value, String key) {
byte[] valueBytes = BASE64.decode(value);
return new String(decryptMode(TripleDESKeyGenerator.generate(key), valueBytes));
}
@Override
public String decryptSafe(String value, String key) {
byte[] valueBytes = BASE64.decodeSafe(value);
return new String(decryptMode(TripleDESKeyGenerator.generate(key), valueBytes));
}
public static byte[] decryptMode(byte[] keyBytes, byte[] value) {
try {
//生成密钥
SecretKey desKey = new SecretKeySpec(keyBytes, ALGORITHM);
//解密
Cipher c1 = Cipher.getInstance(ALGORITHM);
c1.init(Cipher.DECRYPT_MODE, desKey);
return c1.doFinal(value);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}

import javax.crypto.KeyGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
public class TripleDESKeyGenerator {
public static byte[] generate(String seed) {
try {
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed(seed.getBytes());
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(192, random);
return kgen.generateKey().getEncoded();
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
}

import java.io.UnsupportedEncodingException;
public class BASE64 {
//Default values for encoder/decoder flags
public static final int DEFAULT = 0;
//Encoder flag bit to omit the padding '=' characters at the end
public static final int NO_PADDING = 1;
//Encoder flag bit to omit all line terminators (i.e., the output
public static final int NO_WRAP = 2;
public static final int CRLF = 4;
public static final int URL_SAFE = 8;
public static final int NO_CLOSE = 16;

static abstract class Coder {
public byte[] output;
public int op;
public abstract boolean process(byte[] input, int offset, int len, boolean finish);
public abstract int maxOutputSize(int len);
}

public static byte[] decode(String str, int flags) {
return decode(str.getBytes(), flags);
}

public static byte[] decode(byte[] input, int flags) {
return decode(input, 0, input.length, flags);
}

public static byte[] decode(byte[] input, int offset, int len, int flags) {
Decoder decoder = new Decoder(flags, new byte[len*3/4]);
if (!decoder.process(input, offset, len, true)) {
throw new IllegalArgumentException("bad base-64");
}
if (decoder.op == decoder.output.length) {
return decoder.output;
}
byte[] temp = new byte[decoder.op];
System.arraycopy(decoder.output, 0, temp, 0, decoder.op);
return temp;
}

static class Decoder extends Coder {
private static final int DECODE[] = {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -2, -1, -1,
-1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1,
-1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
};

private static final int DECODE_WEBSAFE[] = {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -2, -1, -1,
-1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 63,
-1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
};

private static final int SKIP = -1;
private static final int EQUALS = -2;
private int state;
private int value;
final private int[] alphabet;
public Decoder(int flags, byte[] output) {
this.output = output;
alphabet = ((flags & URL_SAFE) == 0) ? DECODE : DECODE_WEBSAFE;
state = 0;
value = 0;
}

public int maxOutputSize(int len) {
return len * 3/4 + 10;
}

public boolean process(byte[] input, int offset, int len, boolean finish) {
if (this.state == 6) return false;
int p = offset;
len += offset;
int state = this.state;
int value = this.value;
int op = 0;
final byte[] output = this.output;
final int[] alphabet = this.alphabet;
while (p < len) {
if (state == 0) {
while (p+4 <= len &&
(value = ((alphabet[input[p] & 0xff] << 18) |
(alphabet[input[p+1] & 0xff] << 12) |
(alphabet[input[p+2] & 0xff] << 6) |
(alphabet[input[p+3] & 0xff]))) >= 0) {
output[op+2] = (byte) value;
output[op+1] = (byte) (value >> 8);
output[op] = (byte) (value >> 16);
op += 3;
p += 4;
}
if (p >= len) break;
}
int d = alphabet[input[p++] & 0xff];
switch (state) {
case 0:
if (d >= 0) {
value = d;
++state;
} else if (d != SKIP) {
this.state = 6;
return false;
}
break;
case 1:
if (d >= 0) {
value = (value << 6) | d;
++state;
} else if (d != SKIP) {
this.state = 6;
return false;
}
break;
case 2:
if (d >= 0) {
value = (value << 6) | d;
++state;
} else if (d == EQUALS) {
// Emit the last (partial) output tuple;
// expect exactly one more padding character.
output[op++] = (byte) (value >> 4);
state = 4;
} else if (d != SKIP) {
this.state = 6;
return false;
}
break;
case 3:
if (d >= 0) {
// Emit the output triple and return to state 0.
value = (value << 6) | d;
output[op+2] = (byte) value;
output[op+1] = (byte) (value >> 8);
output[op] = (byte) (value >> 16);
op += 3;
state = 0;
} else if (d == EQUALS) {
// Emit the last (partial) output tuple;
// expect no further data or padding characters.
output[op+1] = (byte) (value >> 2);
output[op] = (byte) (value >> 10);
op += 2;
state = 5;
} else if (d != SKIP) {
this.state = 6;
return false;
}
break;
case 4:
if (d == EQUALS) {
++state;
} else if (d != SKIP) {
this.state = 6;
return false;
}
break;
case 5:
if (d != SKIP) {
this.state = 6;
return false;
}
break;
}
}
if (!finish) {
// We're out of input, but a future call could provide
// more.
this.state = state;
this.value = value;
this.op = op;
return true;
}
switch (state) {
case 0:
break;
case 1:
this.state = 6;
return false;
case 2:
output[op++] = (byte) (value >> 4);
break;
case 3:
output[op++] = (byte) (value >> 10);
output[op++] = (byte) (value >> 2);
break;
case 4:
this.state = 6;
return false;
case 5:
break;
}

this.state = state;
this.op = op;
return true;
}
}

public static String encodeToString(byte[] input, int flags) {
try {
return new String(encode(input, flags), "US-ASCII");
} catch (UnsupportedEncodingException e) {
throw new AssertionError(e);
}
}

public static String encodeToString(byte[] input, int offset, int len, int flags) {
try {
return new String(encode(input, offset, len, flags), "US-ASCII");
} catch (UnsupportedEncodingException e) {
// US-ASCII is guaranteed to be available.
throw new AssertionError(e);
}
}

public static byte[] encode(byte[] input, int flags) {
return encode(input, 0, input.length, flags);
}

public static byte[] encode(byte[] input, int offset, int len, int flags) {
Encoder encoder = new Encoder(flags, null);
int output_len = len / 3 * 4;
if (encoder.do_padding) {
if (len % 3 > 0) {
output_len += 4;
}
} else {
switch (len % 3) {
case 0: break;
case 1: output_len += 2; break;
case 2: output_len += 3; break;
}
}
if (encoder.do_newline && len > 0) {
output_len += (((len-1) / (3 * Encoder.LINE_GROUPS)) + 1) *
(encoder.do_cr ? 2 : 1);
}
encoder.output = new byte[output_len];
encoder.process(input, offset, len, true);
assert encoder.op == output_len;
return encoder.output;
}

static class Encoder extends Coder {
public static final int LINE_GROUPS = 19;
private static final byte ENCODE[] = {
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/',
};
private static final byte ENCODE_WEBSAFE[] = {
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-', '_',
};
final private byte[] tail;
int tailLen;
private int count;
final public boolean do_padding;
final public boolean do_newline;
final public boolean do_cr;
final private byte[] alphabet;
public Encoder(int flags, byte[] output) {
this.output = output;
do_padding = (flags & NO_PADDING) == 0;
do_newline = (flags & NO_WRAP) == 0;
do_cr = (flags & CRLF) != 0;
alphabet = ((flags & URL_SAFE) == 0) ? ENCODE : ENCODE_WEBSAFE;
tail = new byte[2];
tailLen = 0;
count = do_newline ? LINE_GROUPS : -1;
}

public int maxOutputSize(int len) {
return len * 8/5 + 10;
}

public boolean process(byte[] input, int offset, int len, boolean finish) {
final byte[] alphabet = this.alphabet;
final byte[] output = this.output;
int op = 0;
int count = this.count;
int p = offset;
len += offset;
int v = -1;
switch (tailLen) {
case 0:
break;
case 1:
if (p+2 <= len) {
v = ((tail[0] & 0xff) << 16) |
((input[p++] & 0xff) << 8) |
(input[p++] & 0xff);
tailLen = 0;
};
break;
case 2:
if (p+1 <= len) {
v = ((tail[0] & 0xff) << 16) |
((tail[1] & 0xff) << 8) |
(input[p++] & 0xff);
tailLen = 0;
}
break;
}
if (v != -1) {
output[op++] = alphabet[(v >> 18) & 0x3f];
output[op++] = alphabet[(v >> 12) & 0x3f];
output[op++] = alphabet[(v >> 6) & 0x3f];
output[op++] = alphabet[v & 0x3f];
if (--count == 0) {
if (do_cr) output[op++] = '\r';
output[op++] = '\n';
count = LINE_GROUPS;
}
}
while (p+3 <= len) {
v = ((input[p] & 0xff) << 16) |
((input[p+1] & 0xff) << 8) |
(input[p+2] & 0xff);
output[op] = alphabet[(v >> 18) & 0x3f];
output[op+1] = alphabet[(v >> 12) & 0x3f];
output[op+2] = alphabet[(v >> 6) & 0x3f];
output[op+3] = alphabet[v & 0x3f];
p += 3;
op += 4;
if (--count == 0) {
if (do_cr) output[op++] = '\r';
output[op++] = '\n';
count = LINE_GROUPS;
}
}
if (finish) {
if (p-tailLen == len-1) {
int t = 0;
v = ((tailLen > 0 ? tail[t++] : input[p++]) & 0xff) << 4;
tailLen -= t;
output[op++] = alphabet[(v >> 6) & 0x3f];
output[op++] = alphabet[v & 0x3f];
if (do_padding) {
output[op++] = '=';
output[op++] = '=';
}
if (do_newline) {
if (do_cr) output[op++] = '\r';
output[op++] = '\n';
}
} else if (p-tailLen == len-2) {
int t = 0;
v = (((tailLen > 1 ? tail[t++] : input[p++]) & 0xff) << 10) |
(((tailLen > 0 ? tail[t++] : input[p++]) & 0xff) << 2);
tailLen -= t;
output[op++] = alphabet[(v >> 12) & 0x3f];
output[op++] = alphabet[(v >> 6) & 0x3f];
output[op++] = alphabet[v & 0x3f];
if (do_padding) {
output[op++] = '=';
}
if (do_newline) {
if (do_cr) output[op++] = '\r';
output[op++] = '\n';
}
} else if (do_newline && op > 0 && count != LINE_GROUPS) {
if (do_cr) output[op++] = '\r';
output[op++] = '\n';
}
assert tailLen == 0;
assert p == len;
} else {
if (p == len-1) {
tail[tailLen++] = input[p];
} else if (p == len-2) {
tail[tailLen++] = input[p];
tail[tailLen++] = input[p+1];
}
}
this.op = op;
this.count = count;
return true;
}
}
private BASE64() { }
//BASE64 解码
public static byte[] decode(String str) {
return decode(str, DEFAULT);
}
//BASE64 编码
public static String encode(byte[] bytes) {
return encodeToString(bytes, DEFAULT);
}
//BASE64 解码
public static byte[] decodeSafe(String str) {
return decode(str, URL_SAFE);
}
//BASE64 编码
public static String encodeSafe(byte[] bytes) {
return encodeToString(bytes, URL_SAFE);
}
}